400K+ Yahoo! VOIP passwords posted online

Username and passwords may have been stored completely unencrypted

Hackers claiming to have compromised the Yahoo! Voice over IP (VoIP) network have posted over 400,000 usernames and passwords online.

A plain text data dump has been posted on the internet with passwords for email addresses, including those from yahoo.com, gmail.com and aol.com.

Yahoo! was storing the data without it being encrypted, according to Security firm Trustedsec, which has looked into the breach.

In a blog post, Trustedsec said: "The most alarming part of the entire story was the fact that the passwords were stored completely unencrypted and the full 400,000+ usernames and passwords are now public."

“The method for the compromise was apparently a SQL Injection attack to extract the sensitive information from the database.”

Yahoo! is still investigating the claims.

Yahoo! Voice was set up after Yahoo! bought Associated Content for more than £64 million in early 2010.